Washington Post confirms hit in Oracle-linked Cl0p hacking spree

The Washington Post said it was affected by a wider breach tied to Oracle’s E-Business Suite, joining a growing list of victims. The vulnerability was reportedly exploited by the Cl0p ransomware gang, which demands payment from victims in exchange for not leaking stolen files.

Oracle, a major enterprise software provider, disclosed in October that a zero-day flaw in its E-Business Suite had been exploited over the summer. Google also warned that Oracle systems were being targeted in what appeared to be a broader wave of data theft attempts. An initial emergency patch on 2 October failed, and a second critical fix on 11 October left customers exposed for days.

Cl0p’s campaign has already hit high-profile targets including Harvard University, Envoy Air, DXC Technology and Chicago Public Schools. The group, active since at least 2019, previously abused MOVEit, GoAnywhere and Cleo file-transfer tools.

Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!